US9980144B1 - Hardware-trusted wireless data communications over a wireless relay - Google Patents
Hardware-trusted wireless data communications over a wireless relay Download PDFInfo
- Publication number
- US9980144B1 US9980144B1 US15/486,826 US201715486826A US9980144B1 US 9980144 B1 US9980144 B1 US 9980144B1 US 201715486826 A US201715486826 A US 201715486826A US 9980144 B1 US9980144 B1 US 9980144B1
- Authority
- US
- United States
- Prior art keywords
- hardware
- trusted
- wireless
- trust
- vnf
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/14—Relay systems
- H04B7/15—Active relay systems
- H04B7/155—Ground-based stations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2854—Wide area networks, e.g. public data networks
- H04L12/2856—Access arrangements, e.g. Internet access
- H04L12/2869—Operational details of access network equipments
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/069—Authentication using certificates or pre-shared keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
- H04W12/108—Source integrity
-
- H04W76/021—
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
- H04W76/11—Allocation or use of connection identifiers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
- H04W88/04—Terminal devices adapted for relaying to or from another terminal or user
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/04—Large scale networks; Deep hierarchical networks
- H04W84/042—Public Land Mobile systems, e.g. cellular systems
- H04W84/047—Public Land Mobile systems, e.g. cellular systems using dedicated repeater stations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/18—Self-organising networks, e.g. ad-hoc networks or sensor networks
Definitions
- Data communication networks serve User Equipment (UE) with data communication services like internet access, voice calling, social networking, and the like.
- UE User Equipment
- the data communication networks deploy wireless access networks.
- the wireless access networks have wireless base stations that communicate wirelessly with the UEs.
- the wireless base stations are also coupled to the data communication networks.
- Wireless relays are used to further extend the range of the wireless base stations.
- wireless relays exchange user data between the UEs and the wireless base stations.
- Hardware trust entails the physical validation of the computer hardware that executes computer software.
- the computer hardware has a physically-embedded, read-only, secret key.
- a remote hardware trust server challenges the computer software with a random number to prove hardware trust.
- the computer software reads and hashes the secret code with the random number to generate a hardware trust result that it sends to the hardware trust server.
- the hardware trust server hashes the same random number with its own copy of the secret key to validate hardware trust from the computer software.
- a wireless relay serves User Equipment (UE) with hardware-trusted wireless data communications over Institute of Electrical and Electronics Engineers (IEEE) 802.11 links and Long Term Evolution (LTE) links.
- the wireless relay maintains hardware-trusted wireless backhaul links to a data network.
- the wireless relay broadcasts an IEEE 802.11 Service Set Identifier (SSID) and a Long-Term Evolution (LTE) Network Identifier (NID).
- SSID Service Set Identifier
- LTE Long-Term Evolution
- NID Network Identifier
- the UE wirelessly transfers a hardware-trusted attachment request using the 802.11 SSID or the LTE NID.
- the wireless relay validates hardware-trust of the UE, and in response, establishes a hardware-trusted attachment of the UE.
- the wireless relay exchanges user data with the UE using hardware-trusted circuitry.
- the wireless relay exchanges the user data over hardware-trusted wireless backhaul links.
- FIG. 1 illustrates a wireless relay to serve User Equipment (UE) with hardware-trusted wireless data communications over Institute of Electrical and Electronics Engineers (IEEE) 802.11 links and Long Term Evolution (LTE) links.
- UE User Equipment
- IEEE Institute of Electrical and Electronics Engineers
- LTE Long Term Evolution
- FIG. 2 illustrates the operation of the wireless relay to serve the UE with hardware-trusted wireless data communications over the IEEE 802.11 links and LTE links.
- FIG. 3 illustrates a wireless relay to serve a UE with normal and hardware-trusted wireless communication services over IEEE 802.11 links and LTE links.
- FIG. 4 illustrates a wireless relay to serve UEs with hardware-trusted and normal wireless communication services over IEEE 802.11 links and LTE links.
- FIG. 5 illustrates an LTE network to serve a UE with normal and hardware-trusted wireless communication services over IEEE 802.11 links and LTE links.
- FIG. 6 illustrates a Network Function Virtualization Infrastructure (NFVI) to serve wireless relays that serve UEs with hardware-trusted wireless data communications.
- NFVI Network Function Virtualization Infrastructure
- FIG. 1 illustrates wireless relay 110 to serve User Equipment (UE) 101 with hardware-trusted wireless data communications over Institute of Electrical and Electronics Engineers (IEEE) 802.11 links and Long Term Evolution (LTE) links.
- Wireless relay 110 comprises wireless access point 111 , Relay Equipment (RE) 112 , data links 113 , and hardware trust (HW) key 114 .
- UE 101 comprises a computer, phone, or some other intelligent data machine with wireless communication components.
- Wireless access point 111 comprises antennas, amplifiers, modulators, filters, signal processors, and a computer system.
- the computer system comprises Central Processing Units (CPUs), Random Access Memory (RAM), data storage, Input/Output (I/O) transceivers, and bus interfaces.
- the CPUs retrieve software from the memories and execute the software to direct the operation of the other computer system components.
- the software comprises modules for hardware trust, operating system, virtualization, data networking, resource scheduling, UE attachment, UE data service, and network connectivity.
- wireless access point 111 comprises an LTE eNodeB with LTE transceivers and IEEE 802.11 transceivers.
- RE 112 comprises antennas, amplifiers, modulators, filters, signal processors, and a computer system.
- the computer system comprises CPUs, Random RAM, data storage, I/O transceivers, and bus interfaces.
- the CPUs retrieve software from the memories and execute the software to direct the operation of the other RE components.
- the software comprises modules for hardware trust, operating system, data networking, wireless access point interface, RE attachment, and RE data service.
- RE 112 comprises a UE that is adapted to serve wireless access point 111 .
- Data links 113 comprise metallic, wireless, and/or optical data links along with integrated control circuitry and software.
- data links 113 comprise an IEEE 802.3 switch and associated cabling.
- Hardware trust key 114 comprises a physically-embedded, read-only, secret code that is also known to hardware trust server 130 .
- Hardware trust server 130 communicates with UE 101 , wireless access point 111 , and data network 120 over data network 131 .
- Data network 131 may use data network 120 and wireless relay 110 .
- hardware trust server 130 issues a random number challenge to wireless access point 111 over data network 131 .
- Wireless access point 111 reads hardware trust key 114 and hashes key 114 with the random number to generate a hardware trust result.
- Wireless access point 111 transfers the hardware trust result to hardware trust server 130 .
- Hardware trust server 130 hashes its own copy of the hardware trust key with the same random number to generate the same hardware trust result. If the hardware trust results match, then wireless access point 111 has hardware trust with hardware trust server 130 . In response to establishing hardware trust, hardware trust server 130 issues a hardware trust digital certificate to wireless access point 111 . The hardware trust digital certificate is digitally signed by hardware trust server 130 and can be validated with the public key for hardware trust server 130 .
- Hardware trust server 130 establishes hardware trust and issues hardware trust digital certificates to UE 101 and data network 120 in a similar manner.
- Wireless access point 111 and UE 101 establish and maintain hardware trust by exchanging and validating their hardware trust digital certificates.
- RE 112 and data network 120 establish and maintain hardware trust by exchanging and validating their hardware trust digital certificates.
- Wireless access point 111 and RE 101 exchange their hardware trust data over data links 113 .
- Wireless relay 110 serves UE 101 with hardware-trusted wireless data communications over wireless communication links 121 - 122 .
- Wireless communication links 121 comprise at least IEEE 802.11 links and LTE links.
- Wireless communication links 122 comprise IEEE 802.11 links, LTE links, or some other type of wireless links.
- RE 112 and data network 120 may perform channel bonding on wireless communication links 122 .
- Wireless access point 111 broadcasts wireless pilot signals 131 that comprise an IEEE 802.11 Service Set Identifier (SSID) and a Long-Term Evolution (LTE) Network Identifier (NID).
- SSID Service Set Identifier
- LTE Long-Term Evolution
- NID Network Identifier
- the SSID and NID are coded to indicate hardware-trusted communication service to UE 101 .
- UE 101 may store various bit strings that correspond to these IDs.
- UE 101 receives the IEEE 802.11 SSID and LTE NID and selects one of them for a hardware-trusted attachment.
- UE 101 wirelessly transfers hardware-trusted attachment request 132 that indicates the selected SSID or NID.
- the hardware-trusted attachment request includes the hardware-trust digital certificate for UE 101 .
- Wireless access point 111 uses the public key for hardware trust server 130 to validate the hardware-trust digital certificate for UE 101 .
- Wireless access point 111 then establishes a hardware-trusted attachment of UE 101 responsive to the hardware-trust validation of UE 101 .
- Wireless access point 111 notifies RE 112 of the hardware-trusted attachment of UE 101 .
- Wireless access point 111 may transfer its own hardware-trust digital certificate to UE 101 responsive to its hardware-trust of UE 101 .
- UE 101 will abandon the attachment if its own hardware trust validation of wireless access point 111 fails.
- Wireless access point 111 uses hardware-trusted circuitry to wirelessly exchange user data with UE 101 in response to the hardware-trusted attachment of UE 101 .
- the hardware-trusted circuitry executes a hardware-trusted application or Virtual Network Function (VNF).
- the hardware-trusted circuitry may then direct all communications from UE 101 to the hardware-trusted application or VNF.
- VNF Virtual Network Function
- wireless access point 101 effectively attaches UE 101 to the hardware-trusted application or VNF.
- Additional information from hardware-trusted UE 101 or its digital certificate can be used to select a specific hardware-trusted application or VNF for UE 101 .
- the International Mobile Subscriber Identifier (IMSI) for UE 101 could be used after UE 101 establishes hardware trust to select a specific hardware-trusted application or VNF for UE 101 attachment.
- IMSI International Mobile Subscriber Identifier
- Wireless access point 111 and RE 112 exchange the user data over a hardware-trusted one of data links 113 responsive to the hardware-trusted attachment of UE 101 .
- RE 112 uses hardware-trusted circuitry to wirelessly exchange the user data with data network 120 over hardware-trusted wireless backhaul links 122 responsive to the hardware-trusted attachment of UE 101 .
- wireless access point may also broadcast a normal SSID and a normal NID for normal UE attachments that do not include the above-described hardware trust feature.
- UEs that attach using the normal SSID or NID could be served in a conventional manner.
- wireless relay 110 maintains isolation between the hardware-trusted software and data and the normal software and data through physical hardware separation or through separate time-sliced operation.
- wireless access point 111 executes a hardware-trusted application and attaches UE 101 to the hardware-trusted application.
- the hardware-trusted application could be a Virtual Network Function (VNF).
- VNF Virtual Network Function
- the VNF in wireless access point 111 and other VNFs in data network 120 may cross-validate their hardware trust.
- wireless access point 111 may execute its VNF during a Network Function Virtualization (NFV) processing cycle.
- the NFV processing cycle comprises the CPU cycles in wireless access point 111 that are allocated to the VNF.
- the VNF indicates its NFV processing cycle during hardware trust validation by hardware trust server 150 .
- Hardware trust server 150 then adds the NFV processing cycle to the hardware trust digital certificate for the VNF.
- an NFV Infrastructure executes other VNFs during NFV processing cycles.
- These NFV processing cycle comprises the CPU cycles in the NFVI that are allocated to the VNFs.
- the NFVI VNFs indicate their NFV processing cycles during their hardware trust validation, and hardware trust server 150 adds their NFV processing cycles to their hardware trust digital certificates.
- the VNF in wireless access point 111 and the other VNFs in data network 120 may cross-validate their actual NFV processing cycles by exchanging and validating their hardware trust digital certificates.
- wireless access point 111 executes a hardware-trusted application or VNF.
- the hardware-trusted attachment of UE 101 could restrict UE 101 to only communication with the hardware-trusted application or VNF.
- the hardware-trusted application or VNF may cross-validate hardware trust and NFV processing cycles with VNFs in data network 120 .
- the hardware-trusted application or VNF may then communicate for UE 101 with the hardware-trusted VNFs in data network 120
- wireless access point 111 could be partially or totally performed by RE 112 or some other components in wireless relay 110 .
- FIG. 2 illustrates the operation of wireless relay 110 to serve UE 101 with hardware-trusted wireless data communications over IEEE 802.11 links and LTE links.
- Wireless access point 111 broadcasts wireless pilot signals that comprise IEEE 802.11 SSIDs and LTE NIDs ( 201 ). Some of the SSIDs and NIDs are specially coded to indicate hardware-trusted communication service to UE 101 , while other SSIDs and NIDs are coded to indicate normal communication service.
- UE 101 receives the IEEE 802.11 SSIDs and LTE NIDs and selects one for a wireless service attachment ( 202 ). UE 101 wirelessly transfers a wireless service attachment request that indicates the selected SSID or NID ( 202 ). The attachment request may include the hardware-trust digital certificate for UE 101 .
- wireless access point 111 validates the hardware-trust digital certificate for UE 101 ( 204 ). If the hardware-trust digital certificate for UE 101 is valid ( 205 ), then wireless access point 111 establishes a hardware-trusted attachment of UE 101 ( 206 ). Wireless access point 111 notifies RE 112 of the hardware-trusted attachment of UE 101 ( 206 ). Wireless access point 111 transfers its own hardware-trust digital certificate to UE 101 ( 206 ). Wireless access point 111 and RE 112 use hardware-trusted circuitry to exchange user data for UE 101 ( 207 ). RE 112 exchanges the user data with data network 120 over hardware-trusted wireless backhaul links 122 ( 207 ).
- wireless access point 111 and RE 112 use normal circuitry to exchange user data for UE 101 ( 208 ).
- RE 112 exchanges the user data with data network 120 over normal wireless backhaul links ( 208 ).
- wireless access point 111 blocks wireless communication service to UE 101 —although normal service might still be allowed ( 209 ).
- FIG. 3 illustrates wireless relay 300 to serve a UE with normal and hardware-trusted wireless communication services over IEEE 802.11 links and LTE links.
- Wireless relay 300 comprises wireless access point 311 , relay equipment 312 , and IEEE 802.3 (ENET) switches 313 - 314 .
- ENET switches 313 and/or 314 may have IEEE 802.3 links to Local Area Networks and Wide Area Networks (LANs/WANs) that also connect to the data network.
- Both wireless access point 311 and relay equipment 312 have an upper hardware-trusted portion and a lower normal portion as indicated by the bold horizontal dashed line.
- Hardware trust software controls the CPUs in the hardware-trusted portion during boot-up and beyond to protect the hardware-trusted CPUs and MEMs from untrusted data and software and to perform hardware trust tasks.
- the hardware-trusted portion of wireless access point 311 has an upper IEEE 802.11 signal path that comprises an upper antenna (ANT), radio head (RH), transceiver (I/O), memory (MEM), MEM, and I/O.
- the upper ANT exchanges wireless 802.11 signals 321 with UEs.
- Wireless 802.11 signals 321 include a hardware-trusted SSID broadcast.
- the upper I/O exchanges data with ENET switch 313 .
- the hardware-trusted portion of wireless access point 311 has a lower LTE signal path that comprises a lower ANT, RH, I/O, MEM, MEM, and I/O.
- the lower ANT exchanges wireless LTE signals 322 with the UEs.
- LTE signals 322 include a hardware-trusted NID broadcast.
- the hardware-trusted portion of wireless access point 311 has a CPU to direct the operations of the hardware-trusted IEEE 802.11 and LTE signal paths.
- the CPU has a physically-embedded, read-only, secret, hardware trust key.
- the hardware-trusted portion of relay equipment 312 has an upper IEEE 802.11 signal path that comprises an upper I/O, MEM, MEM, I/O, RH, and ANT.
- the upper I/O exchanges data with ENET switch 313 .
- the upper ANT exchanges wireless 802.11 signals 325 with a data network.
- the hardware-trusted portion of relay equipment 312 has a lower LTE signal path that comprises a lower I/O, MEM, MEM, I/O, RH, and ANT.
- the lower I/O exchanges data with ENET switch 313 .
- the lower ANT exchanges wireless LTE signals 326 with the data network.
- the normal portion of wireless access point 311 has an upper IEEE 802.11 signal path that comprises an upper ANT, RH, I/O, MEM, MEM, and I/O.
- the upper ANT exchanges wireless 802.11 signals 323 with the UEs.
- Wireless 802.11 signals 323 include a normal SSID broadcast.
- the upper I/O exchanges data with ENET switch 314 .
- the normal portion of wireless access point 311 has a lower LTE signal path that comprises a lower ANT, RH, I/O, MEM, MEM, and I/O.
- the lower ANT exchanges wireless LTE signals 324 with the UEs.
- LTE signals 324 include a normal NID broadcast.
- the lower I/O exchanges data with ENET switch 314 .
- the normal portion of wireless access point 311 has a CPU to direct the operations of the normal IEEE 802.11 and LTE signal paths.
- the normal portion of relay equipment 312 has an upper IEEE 802.11 signal path that comprises an upper I/O, MEM, MEM, I/O, RH, and ANT.
- the upper I/O exchanges data with ENET switch 314 .
- the upper ANT exchanges wireless 802.11 signals 327 with the data network.
- the normal portion of relay equipment 312 has a lower LTE signal path that comprises a lower I/O, MEM, MEM, I/O, RH, and ANT.
- the lower I/O exchanges data with ENET switch 314 .
- the lower ANT exchanges wireless LTE signals 328 with the data network.
- wireless relay 300 Alternative architectures for wireless relay 300 are possible.
- the normal and hardware-trusted portions of wireless access point 311 could share the same 802.11 ANT and RH and/or the same LTE ANT and RH.
- the normal and hardware-trusted portions of relay equipment could share the same 802.11 ANT and RH and/or the same LTE ANT and RH. Isolation between the normal and hardware-trusted portions of the ANTs and RHs could be maintained by using different frequencies or different times.
- the normal and hardware-trusted portions of wireless access point 311 could share the same I/Os, MEMs, and CPUs.
- the normal and hardware-trusted portions of relay equipment 312 could share the same I/Os, MEMs, and CPUs. Isolation between the normal and hardware-trusted portions of the I/Os is maintained by using different times or signal paths. Isolation between the normal and hardware-trusted portions of the CPUs is maintained by using different times or processing cores. Isolation between the normal and hardware-trusted portions of the MEMs is maintained by using different times or memory spaces.
- the IEEE 802.11 or the LTE sections of relay equipment 312 could be omitted and the remaining one of the IEEE 802.11 or the LTE sections could be used.
- wireless access point 311 receives a random number challenge from a hardware trust server.
- Hardware trust software directs the CPU in the hardware-trusted portion of wireless access point 311 to read and hash the hardware trust key with the random number to generate a hardware trust result.
- Wireless access point 311 transfers the hardware trust result to the hardware trust server.
- the hardware trust server hashes its own copy of the hardware trust key with the same random number to generate the same hardware trust result. If the hardware trust results match, then wireless access point 311 has hardware trust with the hardware trust server.
- the hardware trust server issues a hardware trust digital certificate to wireless access point 311 .
- the hardware trust digital certificate is digitally signed by the hardware trust server and can be validated with the public key for the hardware trust server.
- the hardware trust server establishes hardware trust and issues hardware trust digital certificates to the UEs and the data network in a similar manner.
- Hardware trust software drives the CPU in the hardware-trusted portion of relay equipment 312 to exchange hardware trust digital certificates with the data network to maintain hardware-trusted backhaul links over wireless IEEE 802.3 signals 325 and LTE signals 326 .
- a UE wirelessly transfers a hardware-trusted attachment request over wireless IEEE 802.11 signals 321 or LTE signals 322 .
- the hardware-trusted attachment request indicates the hardware-trusted SSID or NID and the hardware trust digital certificate for the UE.
- the hardware trust software drives the hardware-trusted CPU in wireless access point 311 to validate the hardware trust digital certificate for the UE before delivering communication service.
- the CPU then drives the hardware-trusted I/Os and MEMs to exchange hardware-trusted user data between wireless signals 321 - 322 and hardware-trusted ENET switch 313 .
- the hardware-trusted CPU drives the hardware-trusted I/Os and MEMs to exchange the hardware-trusted user data between hardware-trusted ENET switch 313 and wireless IEEE 802.11 signals 325 or LTE signals 326 .
- the UE wirelessly transfers a normal attachment request over wireless IEEE 802.11 signals 323 or LTE signals 324 .
- the normal attachment request indicates the normal SSID or NID.
- the normal CPU drives the normal I/Os and MEMs to exchange normal user data between wireless signals 323 - 324 and normal ENET switch 314 .
- the normal CPU drives the normal I/Os and MEMs to exchange the normal user data between normal ENET switch 314 and wireless IEEE 802.11 signals 327 or LTE signals 328 .
- FIG. 4 illustrates wireless relay 400 to serve UEs with hardware-trusted and normal wireless communication services over IEEE 802.11 links and LTE links.
- Wireless relay 400 is an example of wireless relays 110 and 310 , although those relays may use alternative configurations and operations.
- Wireless relay 400 comprises data communication interfaces 401 and 451 and data processing systems 402 and 452 .
- Data communication interface 401 comprises transceivers 421 - 424 for IEEE 802.11 (WIFI), LTE, IEEE 802.3 (Ethernet), and network.
- Network transceiver 424 may use IEEE 802.11, LTE, or some other wireless protocol.
- Network transceiver 424 may implement channel bonding.
- Data communication interface 451 comprises transceivers 471 - 474 for WIFI, LTE, Ethernet, and network.
- Network transceiver 474 may use IEEE 802.11, LTE, or some other wireless protocol.
- Network transceiver 474 may implement channel bonding.
- Transceivers 421 - 424 and 471 - 474 comprises communication components, such as antennas, amplifiers, filters, modulators, signal processors, ports, bus interfaces, memory, software, and the like.
- Data processing system 402 comprises processing circuitry 403 and storage system 404 .
- Storage system 404 stores software 405 .
- Software 405 includes respective software modules 406 - 410 .
- Data processing system 452 comprises processing circuitry 453 and storage system 454 .
- Storage system 454 stores software 455 .
- Software 455 includes respective software modules 456 - 459 .
- Processing circuitry 403 and 453 comprises CPUs and RAM.
- Processing circuitry 403 includes a physically-embedded, read-only, secret hardware trust key.
- Storage systems 404 and 454 comprise non-transitory, machine-readable, data storage media, such as flash drives, memory circuitry, and the like.
- Software 405 comprises machine-readable instructions that control the operation of processing circuitry 403 when executed.
- Software 455 comprises machine-readable instructions that control the operation of processing circuitry 453 when executed. All or portions of software 405 and 455 may be externally stored on one or more storage media, such as circuitry, discs, and the like.
- Hardware trust software 406 asserts initial control over data processing system 402 and performs hardware trust operations.
- Operating system 407 interfaces between software 408 - 410 and system software/hardware under the control of hardware trust software 406 .
- Access point software 408 directs wireless access operations for UEs.
- Relay equipment software 409 directs wireless access operations to the network for relay 400 .
- Ethernet switch software 410 interfaces access point software 408 and relay equipment software 409 .
- software modules 456 - 459 When executed by processing circuitry 453 , software modules 456 - 459 direct circuitry 453 to perform the following operations.
- Operating system 456 interfaces between software 457 - 459 and system software/hardware.
- Access point software 457 directs wireless access operations for UEs.
- Relay equipment software 458 directs wireless access operations to the network for relay 400 .
- Ethernet switch software 459 interfaces access point software 557 and relay equipment software 458 .
- Data processing systems 402 and 452 could share data communication interface 401 and omit interface 451 . Isolation between the normal and hardware-trusted data is maintained by using different frequencies, signal paths, or times. Data processing systems 402 and 452 could share processing circuitry 403 and omit circuitry 453 . Isolation between the normal and hardware-trusted software/data is maintained by using context switching and different processing times. Data processing systems 402 and 452 could share storage system 404 and omit storage system 454 . Isolation between the normal and hardware-trusted software/data is maintained by using different times or memory spaces.
- FIG. 5 illustrates LTE communication network 500 to serve a UE with normal and hardware-trusted wireless communication services over IEEE 802.11 links and LTE links.
- LTE communication network 500 comprises: the UE, wireless relay 510 , eNode-B (ENB), relay Serving Gateway (SGW), relay Packet Data Network Gateway (PGW), UE SGW, UE PGW, Policy Charging and Rules Function (PCRF), Mobility Management Entity (MME), Home Subscriber System (HSS), and Hardware Trust server (HWT SRV) 520 .
- the UE and wireless relay 510 communicate over IEEE 802.11 or LTE links.
- Wireless relay 510 and the ENB communicate over S1-U links.
- the ENB and relay SGW communicate over S1-U links.
- the relay SGW and relay PGW communicate over S5 links.
- the relay PGW and UE SGW communicate over SGi links.
- the UE SGW and UE PGW communicate over S5 links.
- the UE PGW communicates with other system over SGi links.
- These other systems may include the Internet, Storage Area Networks (SANs), Internet protocol Multimedia Subsystems (IMSs), Content Delivery Networks (CDNs), enterprise networks, and the like.
- the MME has the following signaling links: Non-Access Stratum (NAS) to the UE, S1-MME to wireless relay 510 for its ENB, NAS to wireless relay 510 for its RE, S1-MME to the ENB, S11 to the relay SGW and the UE SGW, and S6 to the HSS.
- the MME also has a signaling link to hardware trust server 520 .
- Hardware trust server 520 has signaling links to the relay PGW and the UE PGW. Note that the UE NAS, relay S1-MME, and relay NAS traverse the S1-Us, Sys, and SGi data links to reach the MME.
- hardware trust server 520 challenges and validates hardware trust for the UE, wireless relay 510 , ENB, SGWs, and PGWs. Over these various signaling links, hardware trust server 520 issues hardware trust digital certificates to the UE, wireless relay 510 , ENB, SGWs, and PGWs.
- the UE and wireless relay 510 cross-validate their hardware trust digital certificates.
- Wireless relay 510 and the ENB cross-validate their hardware trust digital certificates.
- the ENB and relay SGW cross-validate their hardware trust digital certificates.
- the relay SGW and relay PGW cross-validate their hardware trust digital certificates.
- the relay PGW and the UE SGW cross-validate their hardware trust digital certificates.
- the UE SGW and the UE PGW cross-validate their hardware trust digital certificates.
- the UE-PGW and the other systems (SAN, CDN, IMS, enterprise) cross-validate their hardware trust digital certificates.
- Wireless relay 510 broadcasts wireless pilot signals that comprise IEEE 802.11 SSIDs and LTE NIDs). Some of the SSIDs and NIDs indicate hardware-trusted communication service, while other SSIDs and NIDs indicate normal communication service.
- the UE receives the IEEE 802.11 SSIDs and LTE NIDs and selects one for wireless service attachment. The UE wirelessly transfers an attachment request that indicates the selected SSID or NID.
- wireless relay 510 validates the hardware-trust digital certificate for the UE. If the hardware-trust digital certificate for the UE 101 is valid, then wireless relay 510 establishes a hardware-trusted attachment of the UE. Wireless relay 510 may attach the UE to a specific application or VNF based on its ID or a user service request. Wireless relay 510 uses hardware-trusted circuitry to exchange user data for the UE 101 . Wireless relay 510 exchanges the user data over hardware-trusted wireless backhaul links to the UE PGW or other systems like SAN, IMS, or CDN. If the selected SSID or NID is for normal service, then wireless relay 510 uses normal circuitry to exchange user data for the UE. Wireless relay 510 exchanges the normal user data over normal wireless backhaul links to the UE PGW or the other systems.
- FIG. 6 illustrates Network Function Virtualization Infrastructure (NFVI) 600 to serve wireless relays that serve UEs with hardware-trusted wireless data communications.
- NFVI 600 comprises data communication interface 601 and data processing system 602 .
- Data communication interface 601 comprises transceivers 621 - 624 for Ethernet/IP and Wave Division Multiplex (WDM)/IP.
- Transceivers 621 - 624 comprise communication components, such as signal processors, ports, bus interfaces, memory, software, and the like.
- Data processing system 602 comprises processing circuitry 603 and storage system 604 .
- Storage system 604 stores software 605 .
- Software 605 includes respective software modules 606 - 611 .
- Processing circuitry 603 comprises CPUs and RAM.
- Processing circuitry 603 includes a physically-embedded, read-only, secret hardware trust key.
- Storage system 604 comprises non-transitory, machine-readable, data storage media, such as flash drives, memory circuitry, and the like.
- Software 605 comprises machine-readable instructions that control the operation of processing circuitry 603 when executed.
- Hardware trust software 606 asserts initial control over data processing system 602 and performs hardware trust operations.
- Operating system 607 interfaces between virtualization layer 608 and system software/hardware under the control of hardware trust software 606 .
- Virtualization layer 608 interfaces between operating system software 607 and Virtual Network Functions (VNFs) 609 - 611 .
- VNFs 609 - 611 are executed during specific NFV processing cycles in processing circuitry 603 .
- VNFs 609 - 611 report their NFV processing cycles during their hardware trust validation and the NFV processing cycles are indicated in their associated hardware trust digital certificates.
- a wireless relay may have virtualization layer software that interfaces between the relay operating system and relay VNFs.
- the relay VNFs are also executed during specific NFV processing cycles in the relay processing circuitry.
- the relay VNFs could report their NFV processing cycles during their hardware trust validation and the NFV processing cycles would be indicated in their associated hardware trust digital certificates.
- the wireless relay executes a hardware-trusted application or VNF.
- the hardware-trusted attachment of the UE could be an initial attachment to the hardware-trusted application or VNF.
- the hardware-trusted application or VNF may then cross-validate hardware trust and NFV processing cycles with VNFs in NFVI 600 .
- the hardware-trusted application or VNF may then communicate for the UE with the hardware-trusted VNFs in NFVI 600 .
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Power Engineering (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
Claims (16)
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/486,826 US9980144B1 (en) | 2017-04-13 | 2017-04-13 | Hardware-trusted wireless data communications over a wireless relay |
EP18721219.6A EP3610604B1 (en) | 2017-04-13 | 2018-04-06 | Hardware-trusted wireless data communications over a wireless relay |
CA3056258A CA3056258C (en) | 2017-04-13 | 2018-04-06 | Hardware-trusted wireless data communications over a wireless relay |
PCT/US2018/026540 WO2018191126A1 (en) | 2017-04-13 | 2018-04-06 | Hardware-trusted wireless data communications over a wireless relay |
US15/953,160 US10397790B2 (en) | 2017-04-13 | 2018-04-13 | Hardware-trusted wireless data communications over a wireless relay |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/486,826 US9980144B1 (en) | 2017-04-13 | 2017-04-13 | Hardware-trusted wireless data communications over a wireless relay |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/953,160 Continuation US10397790B2 (en) | 2017-04-13 | 2018-04-13 | Hardware-trusted wireless data communications over a wireless relay |
Publications (1)
Publication Number | Publication Date |
---|---|
US9980144B1 true US9980144B1 (en) | 2018-05-22 |
Family
ID=62090064
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/486,826 Active US9980144B1 (en) | 2017-04-13 | 2017-04-13 | Hardware-trusted wireless data communications over a wireless relay |
US15/953,160 Active US10397790B2 (en) | 2017-04-13 | 2018-04-13 | Hardware-trusted wireless data communications over a wireless relay |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/953,160 Active US10397790B2 (en) | 2017-04-13 | 2018-04-13 | Hardware-trusted wireless data communications over a wireless relay |
Country Status (4)
Country | Link |
---|---|
US (2) | US9980144B1 (en) |
EP (1) | EP3610604B1 (en) |
CA (1) | CA3056258C (en) |
WO (1) | WO2018191126A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10397790B2 (en) * | 2017-04-13 | 2019-08-27 | Sprint Communications Company L.P. | Hardware-trusted wireless data communications over a wireless relay |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11108637B1 (en) * | 2019-11-08 | 2021-08-31 | Sprint Communications Company L.P. | Wireless relay consensus for mesh network architectures |
Citations (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090133097A1 (en) | 2007-11-15 | 2009-05-21 | Ned Smith | Device, system, and method for provisioning trusted platform module policies to a virtual machine monitor |
US8019999B2 (en) | 2007-10-18 | 2011-09-13 | Sony Corporation | Wireless receiver device revocation management |
US20110305339A1 (en) | 2010-06-11 | 2011-12-15 | Karl Norrman | Key Establishment for Relay Node in a Wireless Communication System |
US20120297474A1 (en) * | 2010-02-01 | 2012-11-22 | Huawei Technologies Co., Ltd. | Relay node authentication method, apparatus, and system |
US20130097317A1 (en) | 2011-10-18 | 2013-04-18 | Daniel Sheleheda | Method and apparatus for remote trust management for machine to machine communications in a network |
US8522018B2 (en) | 2006-08-18 | 2013-08-27 | Fujitsu Limited | Method and system for implementing a mobile trusted platform module |
US20140007087A1 (en) | 2012-06-29 | 2014-01-02 | Mark Scott-Nash | Virtual trusted platform module |
US9100773B2 (en) | 2012-11-30 | 2015-08-04 | Blackberry Limited | Verifying a wireless device |
US9100188B2 (en) | 2011-04-18 | 2015-08-04 | Bank Of America Corporation | Hardware-based root of trust for cloud environments |
US20160065589A1 (en) | 2014-09-03 | 2016-03-03 | Virtustream, Inc. | Systems and methods for securely provisioning the geographic location of physical infrastructure elements in cloud computing environments |
US9317708B2 (en) | 2008-08-14 | 2016-04-19 | Teleputers, Llc | Hardware trust anchors in SP-enabled processors |
US20160234725A1 (en) * | 2015-02-09 | 2016-08-11 | Sprint Communications Company L.P. | Long term evolution (lte) communications over trusted hardware |
US9473309B2 (en) | 2013-01-29 | 2016-10-18 | Blackberry Limited | System and method for providing a trust framework using a secondary network |
WO2017003684A1 (en) | 2015-06-29 | 2017-01-05 | Sprint Communications Company L.P. | Network function virtualization (nfv) hardware trust in data communication systems |
US20170012968A1 (en) * | 2014-03-26 | 2017-01-12 | Huawei Technologies Co., Ltd. | Network function virtualization-based certificate configuration method, apparatus, and system |
US9578508B2 (en) | 2013-03-13 | 2017-02-21 | Qualcomm Incorporated | Method and apparatus for wireless device countermeasures against malicious infrastructure |
US20170223530A1 (en) * | 2016-02-02 | 2017-08-03 | Sprint Communications Company L.P. | Hardware-trusted network bearers in network function virtualization infrastructure (nfvi) servers that execute virtual network functions (vnfs) under management and orchestration (mano) control |
US9743436B1 (en) * | 2014-02-12 | 2017-08-22 | Gbl Systems Corporation | Methods and apparatus for registering network identifiers and/or taking different actions based on the type of network identifier being registered or reported |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FI115372B (en) * | 1998-09-18 | 2005-04-15 | Nokia Corp | Procedure for identifying a mobile telephone, communication system and mobile telephone |
US7844816B2 (en) * | 2005-06-08 | 2010-11-30 | International Business Machines Corporation | Relying party trust anchor based public key technology framework |
US8176328B2 (en) * | 2008-09-17 | 2012-05-08 | Alcatel Lucent | Authentication of access points in wireless local area networks |
US9083696B1 (en) * | 2012-05-30 | 2015-07-14 | Google Inc. | Trusted peer-based information verification system |
US8650398B2 (en) * | 2012-06-14 | 2014-02-11 | Kabushiki Kaisha Toshiba | Device authentication using restricted memory |
WO2014200496A1 (en) * | 2013-06-13 | 2014-12-18 | Intel Corporation | Secure pairing for communication across devices |
US9775087B2 (en) * | 2014-10-23 | 2017-09-26 | Industrial Technology Research Institute | Method of controlling communication modes for wireless entity and user equipment, and communication system using the same |
US9648617B2 (en) * | 2015-08-24 | 2017-05-09 | Sprint Communications Company L.P. | Hardware-trusted orthogonal frequency division multiplex (OFDM) access to a shared common public radio interface (CPRI) |
CN107040922B (en) * | 2016-05-05 | 2019-11-26 | 腾讯科技(深圳)有限公司 | Wireless network connecting method, apparatus and system |
US10528721B2 (en) * | 2016-10-20 | 2020-01-07 | Intel Corporation | Trusted packet processing for multi-domain separatization and security |
US10404456B2 (en) * | 2016-12-29 | 2019-09-03 | Sprint Communications Company L.P. | Network function virtualization (NFV) hardware trusted hosted MANO |
US9980144B1 (en) * | 2017-04-13 | 2018-05-22 | Sprint Communications Company L.P. | Hardware-trusted wireless data communications over a wireless relay |
-
2017
- 2017-04-13 US US15/486,826 patent/US9980144B1/en active Active
-
2018
- 2018-04-06 WO PCT/US2018/026540 patent/WO2018191126A1/en unknown
- 2018-04-06 CA CA3056258A patent/CA3056258C/en active Active
- 2018-04-06 EP EP18721219.6A patent/EP3610604B1/en active Active
- 2018-04-13 US US15/953,160 patent/US10397790B2/en active Active
Patent Citations (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8522018B2 (en) | 2006-08-18 | 2013-08-27 | Fujitsu Limited | Method and system for implementing a mobile trusted platform module |
US8019999B2 (en) | 2007-10-18 | 2011-09-13 | Sony Corporation | Wireless receiver device revocation management |
US20090133097A1 (en) | 2007-11-15 | 2009-05-21 | Ned Smith | Device, system, and method for provisioning trusted platform module policies to a virtual machine monitor |
US9317708B2 (en) | 2008-08-14 | 2016-04-19 | Teleputers, Llc | Hardware trust anchors in SP-enabled processors |
US20120297474A1 (en) * | 2010-02-01 | 2012-11-22 | Huawei Technologies Co., Ltd. | Relay node authentication method, apparatus, and system |
US20110305339A1 (en) | 2010-06-11 | 2011-12-15 | Karl Norrman | Key Establishment for Relay Node in a Wireless Communication System |
US9100188B2 (en) | 2011-04-18 | 2015-08-04 | Bank Of America Corporation | Hardware-based root of trust for cloud environments |
US20130097317A1 (en) | 2011-10-18 | 2013-04-18 | Daniel Sheleheda | Method and apparatus for remote trust management for machine to machine communications in a network |
US20140007087A1 (en) | 2012-06-29 | 2014-01-02 | Mark Scott-Nash | Virtual trusted platform module |
US9100773B2 (en) | 2012-11-30 | 2015-08-04 | Blackberry Limited | Verifying a wireless device |
US9473309B2 (en) | 2013-01-29 | 2016-10-18 | Blackberry Limited | System and method for providing a trust framework using a secondary network |
US9578508B2 (en) | 2013-03-13 | 2017-02-21 | Qualcomm Incorporated | Method and apparatus for wireless device countermeasures against malicious infrastructure |
US9743436B1 (en) * | 2014-02-12 | 2017-08-22 | Gbl Systems Corporation | Methods and apparatus for registering network identifiers and/or taking different actions based on the type of network identifier being registered or reported |
US20170012968A1 (en) * | 2014-03-26 | 2017-01-12 | Huawei Technologies Co., Ltd. | Network function virtualization-based certificate configuration method, apparatus, and system |
US20160065589A1 (en) | 2014-09-03 | 2016-03-03 | Virtustream, Inc. | Systems and methods for securely provisioning the geographic location of physical infrastructure elements in cloud computing environments |
US20160234725A1 (en) * | 2015-02-09 | 2016-08-11 | Sprint Communications Company L.P. | Long term evolution (lte) communications over trusted hardware |
WO2017003684A1 (en) | 2015-06-29 | 2017-01-05 | Sprint Communications Company L.P. | Network function virtualization (nfv) hardware trust in data communication systems |
US20170223530A1 (en) * | 2016-02-02 | 2017-08-03 | Sprint Communications Company L.P. | Hardware-trusted network bearers in network function virtualization infrastructure (nfvi) servers that execute virtual network functions (vnfs) under management and orchestration (mano) control |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10397790B2 (en) * | 2017-04-13 | 2019-08-27 | Sprint Communications Company L.P. | Hardware-trusted wireless data communications over a wireless relay |
Also Published As
Publication number | Publication date |
---|---|
US10397790B2 (en) | 2019-08-27 |
WO2018191126A1 (en) | 2018-10-18 |
EP3610604A1 (en) | 2020-02-19 |
EP3610604B1 (en) | 2022-10-19 |
CA3056258C (en) | 2019-12-31 |
CA3056258A1 (en) | 2018-10-18 |
US20180302793A1 (en) | 2018-10-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11930397B2 (en) | Session packet duplication | |
US11363435B2 (en) | Network slicing-aware access network | |
EP3496465B1 (en) | User plane function selection for isolated network slice | |
CA2976033C (en) | Long term evolution (lte) communications over trusted hardware | |
US11026165B2 (en) | Radio network node, network node, database, configuration control node, and methods performed thereby | |
US11026276B2 (en) | Inter-PGW handover architecture | |
US10582381B2 (en) | Implementing radio access network slicing in a mobile network | |
US9386480B2 (en) | Systems and methods for providing LTE-based backhaul | |
CN112400358B (en) | Integrity protection processing at GNB-CU-UP | |
JP2020061792A (en) | Wireless terminal, second core network node, and method therefor | |
CN110140421A (en) | The method and apparatus for supporting the interface of LTE/NR interworking are managed in a wireless communication system | |
CN105491617A (en) | Method for supporting local offloading of business and base station sub-system | |
WO2017054661A1 (en) | Wireless relay method, wireless relay, and wireless relay system | |
US20150131552A1 (en) | Method, ue and access network device for implementing data transmission of convergence network | |
US20180343558A1 (en) | Data transmission method and apparatus, and related device | |
WO2022009093A1 (en) | Cell identities in iab network that supports iab migration | |
WO2013004121A1 (en) | Method and device for processing local gateway information | |
US10397790B2 (en) | Hardware-trusted wireless data communications over a wireless relay | |
EP3665938B1 (en) | Realising voice service | |
US11632812B2 (en) | Inter-PGW handover architecture | |
KR101473782B1 (en) | System for service of heterogeneous convergence communication | |
WO2022067540A1 (en) | Relay device selection method and apparatus, and device and storage medium | |
KR20230050048A (en) | Method and apparatus for Session Breakout of Home Routed Session in Visited PLMN in a wireless communication system | |
CN117320084A (en) | Communication method and related equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: SPRINT COMMUNICATIONS COMPANY L.P., KANSAS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:PACZKOWSKI, LYLE WALTER;SCHNELLBACHER, GEORGE JASON;REEL/FRAME:042247/0142 Effective date: 20170406 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
AS | Assignment |
Owner name: DEUTSCHE BANK TRUST COMPANY AMERICAS, NEW YORK Free format text: SECURITY AGREEMENT;ASSIGNORS:T-MOBILE USA, INC.;ISBV LLC;T-MOBILE CENTRAL LLC;AND OTHERS;REEL/FRAME:053182/0001 Effective date: 20200401 |
|
AS | Assignment |
Owner name: T-MOBILE INNOVATIONS LLC, KANSAS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SPRINT COMMUNICATIONS COMPANY L.P.;REEL/FRAME:055604/0001 Effective date: 20210303 |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 4 |
|
AS | Assignment |
Owner name: SPRINT SPECTRUM LLC, KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: SPRINT INTERNATIONAL INCORPORATED, KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: SPRINT COMMUNICATIONS COMPANY L.P., KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: SPRINTCOM LLC, KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: CLEARWIRE IP HOLDINGS LLC, KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: CLEARWIRE COMMUNICATIONS LLC, KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: BOOST WORLDWIDE, LLC, KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: ASSURANCE WIRELESS USA, L.P., KANSAS Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: T-MOBILE USA, INC., WASHINGTON Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: T-MOBILE CENTRAL LLC, WASHINGTON Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: PUSHSPRING, LLC, WASHINGTON Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: LAYER3 TV, LLC, WASHINGTON Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 Owner name: IBSV LLC, WASHINGTON Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS;REEL/FRAME:062595/0001 Effective date: 20220822 |